Bug in GnuPG

Werner Koch wk at gnupg.org
Tue Jan 10 15:50:31 CET 2006


On Tue, 10 Jan 2006 05:23:11 -0600, Joe Vender said:

> When encrypting to any number of anonymous recipients while also encrypting
> non-anonymously to a key (or multiple keys) that I own, why does it do the
> anonymous stuff before first checking to see if any given KeyIDs (keyIDs
> sent with the encrypted block) belong to keys that I own and have the secret
> key to on my ring? It looks like it should first check to see if any given

The reason is simple: gpg does not build up a list of possible keys
but processes the keys as they come.  This allows it to stop checking for
keys as soon as a valid one has been found.

Yes, this could be changed but it would be a larger change.

> C:\GnuPG>gpg --status-fd 1 test2.txt
> [GNUPG:] ENC_TO 0000000000000000 16 0
> gpg: anonymous recipient; trying secret key 25A8679F ...
> [GNUPG:] USERID_HINT 60867A9925A8679F Joe Vender <jvender-at-owensboro.net>
> [GNUPG:] NEED_PASSPHRASE 60867A9925A8679F 60867A9925A8679F 16 0
> [GNUPG:] GOOD_PASSPHRASE

This means that the passphrase for the key 60867A9925A8679F was good
but does not say anything on whether this secret key was able to
decrypt the message.

> [GNUPG:] ENC_TO 0000000000000000 16 0
> gpg: anonymous recipient; trying secret key 25A8679F ...

Well, the message has not been encrypted to your key.  Now gpg
continues with the second hidden recipient.

> [GNUPG:] USERID_HINT 60867A9925A8679F Joe Vender <jvender-at-owensboro.net>
> [GNUPG:] NEED_PASSPHRASE 60867A9925A8679F 60867A9925A8679F 16 0
> [GNUPG:] GOOD_PASSPHRASE
> [GNUPG:] ENC_TO 60867A9925A8679F 16 0

Same result as above.

> [GNUPG:] USERID_HINT 60867A9925A8679F Joe Vender <jvender-at-owensboro.net>
> [GNUPG:] NEED_PASSPHRASE 60867A9925A8679F 70BD436E23F3119B 16 0

> You need a passphrase to unlock the secret key for
> user: "Joe Vender <jvender-at-owensboro.net>"
> 4096-bit ELG-E key, ID 25A8679F, created 2005-12-14 (main key ID 23F3119B)

The third (non-hidden) recipient matches your key.

> Apparently, when status-fd 1 is sent during decryption as above, it will
> give multiple anonymous prompts even if your passphrase is entered
> correctly, the number of prompts equal to the number of anonymous

Right, there is no passphrase caching.

> entered correctly or not. That is, UNLESS THE DECRYPTION COMMAND LINE
> INCLUDES --status-fd in which case it gives a prompt for each recipient
> encrypted to.

That is so that frontends are able to show more information about the
messages.


Shalom-Salam,

   Werner
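A frontend reading --status-fd output has to do the bookkeeping Werner describes: attribute each NEED_PASSPHRASE and GOOD_PASSPHRASE to the ENC_TO line before it, treat an all-zero ENC_TO keyid as a hidden recipient, and not read GOOD_PASSPHRASE after a hidden recipient as a decryption result. The following is an added Python example, not code from GnuPG or from this thread; the parser, its field names and the own_keyids argument are assumptions of the example, and the sample input is the status output quoted above.

```python
HIDDEN_KEYID = "0000000000000000"  # keyid gpg reports in ENC_TO for a hidden recipient

# Constructed sample: the status lines quoted in the thread, with the "gpg:"
# diagnostics that a frontend reading fd 1 sees interleaved with them.
SAMPLE = """\
[GNUPG:] ENC_TO 0000000000000000 16 0
gpg: anonymous recipient; trying secret key 25A8679F ...
[GNUPG:] USERID_HINT 60867A9925A8679F Joe Vender <jvender-at-owensboro.net>
[GNUPG:] NEED_PASSPHRASE 60867A9925A8679F 60867A9925A8679F 16 0
[GNUPG:] GOOD_PASSPHRASE
[GNUPG:] ENC_TO 0000000000000000 16 0
gpg: anonymous recipient; trying secret key 25A8679F ...
[GNUPG:] USERID_HINT 60867A9925A8679F Joe Vender <jvender-at-owensboro.net>
[GNUPG:] NEED_PASSPHRASE 60867A9925A8679F 60867A9925A8679F 16 0
[GNUPG:] GOOD_PASSPHRASE
[GNUPG:] ENC_TO 60867A9925A8679F 16 0
[GNUPG:] USERID_HINT 60867A9925A8679F Joe Vender <jvender-at-owensboro.net>
[GNUPG:] NEED_PASSPHRASE 60867A9925A8679F 70BD436E23F3119B 16 0
"""

def parse_status(text):
    """Attribute passphrase status lines to the ENC_TO packet that precedes them.
    Returns one dict per ENC_TO: keyid, hidden, prompts, good_passphrase."""
    recipients = []
    for line in text.splitlines():
        if not line.startswith("[GNUPG:] "):
            continue              # free-form diagnostics, not machine-readable status
        tag, *args = line.split()[1:]
        if tag == "ENC_TO":
            recipients.append({"keyid": args[0], "hidden": args[0] == HIDDEN_KEYID,
                               "prompts": 0, "good_passphrase": False})
        elif tag == "NEED_PASSPHRASE" and recipients:
            recipients[-1]["prompts"] += 1
        elif tag == "GOOD_PASSPHRASE" and recipients:
            recipients[-1]["good_passphrase"] = True
    return recipients

def summarize(recipients, own_keyids):
    """Only an explicit ENC_TO can be matched against own keys up front; GOOD_PASSPHRASE
    after a hidden ENC_TO says the passphrase was right, not that the key decrypted."""
    return {
        "hidden": sum(r["hidden"] for r in recipients),
        "prompts": sum(r["prompts"] for r in recipients),
        "explicit_matches": [r["keyid"] for r in recipients
                             if not r["hidden"] and r["keyid"] in own_keyids],
        "hidden_good_passphrase": sum(r["hidden"] and r["good_passphrase"]
                                      for r in recipients),
    }
```

On the quoted output, summarize(parse_status(SAMPLE), {"60867A9925A8679F"}) reports two hidden recipients, three prompts (one per ENC_TO, since nothing is cached) and a single explicit match; the two GOOD_PASSPHRASE lines after hidden recipients are counted separately so a caller does not mistake them for success.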
